If you're looking for an interesting, fulfilling career, you've come to the right place!
Sr. Principal Cyber Security Analyst
North Las Vegas, NV
At Mission Support and Test Services, LLC (MSTS), we're a dynamic team of employees who manage and operate the Nevada National Security Site (NNSS), formerly known as the Nevada Test Site. A premier outdoor, indoor and underground national laboratory for unique, high-level experiments, the NNSS has offices across the country, including Southern Nevada; Santa Barbara and Livermore, California; Washington, D.C.; and Albuquerque and Los Alamos, New Mexico. We're dedicated to working together as a team to keep our nation safe. Join us!
Key Responsibilities
Plans, organizes, and supervises Cyber Security work as it relates to network and systems engineering. Provides general oversight of Cyber Security projects and less experienced Cyber Security engineers.
Serves as a consultant to management, technical personnel, and customers along with the community.
Participates in business development as well as identifying new sources of funding. Develops strategies for meeting customer needs. Participates in selecting consultants and providers of needed knowledge and monitors their work.
Supports and ensures implementation of all Cyber Security directives; provides leadership and motivates staff; and may be designated to act in the capacity of a Supervisor of Manager in their absence, as necessary.
Researches hackers, hacker techniques, vulnerabilities, exploits, and provides detailed briefings and intelligence reports.
Participates in budget preparation and administration. Prepares cost estimates for budget recommendations. Submits justifications for additional staff and equipment.
Enhances the understanding of adversary tactics, techniques, and procedures (TTPs).
Collaborates with Cyber Security and IT staff to identify, report on, and coordinate remediation of cyber threats.
Assists the ISSM and ISSOs with the execution of their assigned duties, acts as a liaison between the ISSM and other ISSOs and provides training to ISSOs about their Cyber Security role.
Supports incident response and forensics and collaborates with the incident response team as requested.
Identifies, reports, and assists in the remediation of Cyber Security threats and vulnerabilities.
Collaborates with other outside Cyber Security interests such as Counterintelligence, other DOE sites, US CERT, and law enforcement.
Scans network devices for vulnerabilities and configuration baseline compliance and reports findings.
Identifies the end-to-end impact of information security countermeasures on operational systems and technologies.
Identifies security issues and risks, and develops mitigation plans.
Designs, implements, supports, and evaluates security-focused tools and services.
Develops and interprets security policies and procedures.
Validates the functionality of security tools within the environment.
Supports design/deployment/maintenance of new and existing security infrastructure capabilities.
Conducts a variety of Cyber Security policy compliance tasks such as discovering unauthorized devices, site surveys for non-compliance, and ensuring network access requirements are met.
Acts as liaison and collaborates with Cyber Security, IT staff, Counterintelligence, the customer, other organizations (within NvE and at other DOE sites), US CERT and law enforcement.
Independently plans, schedules and directs projects, guided by established objectives, budgets and schedules.
Reviews the work of less experienced Cyber Security staff, contractors and suppliers to ensure their efforts are integrated and focused on established objectives.
Contributes to an overall productive and respectful work environment by providing excellent customer service and working in a positive, collegial manner at all times. Maintains cooperative and respectful working relationships with Cyber Security staff, other divisions, and other customers.
Qualifications
Due to the nature of our work, US Citizenship is required for all positions.
Bachelor's degree in a computer-related field or equivalent training and experience and at least 12 years' of experience.
Demonstrated expert knowledge of modern principles and practices of Cyber Security; certification and accreditation, network architecture, vulnerability identification and remediation, network forensics, ability to assist during an intrusion investigation.
Knowledge of network based services and client/server applications, familiarity with intrusion detection systems, familiarity with network architecture and security infrastructure placement.
Ability to use network scanning and vulnerability tools and interpret the results.
Knowledge of packet inspection, IDS/IPS, HBSS operations, firewall policies, creation of custom host based and perimeter IDS/IPS signatures.
Knowledge of Windows Active Directory and how to configure GPO settings and various information assurance tools.
Understanding of encryption technologies, identity and authentication technologies.
Knowledge of Cyber Security vulnerabilities, mitigation strategies, network architecture, and how to apply security controls.
Ability to conduct risk and vulnerability assessments and define security requirements for computer and information systems.
Ability to articulate highly technical processes and information to a non-technical audience.
Knowledge of program development, implementation, and evaluation.
Ability to maintain strict confidentiality.
Demonstrated leadership skills and ability.
Ability to deal effectively and appropriately with individuals and groups under adverse conditions, coping with situations firmly, courteously, and tactfully.
Ability to analyze situations quickly and objectively and determine the proper course of action; identify alternate solutions, project consequences of proposed actions, and implement decisions acting assertively and decisively.
Ability to communicate effectively in English, both verbally and in writing, sufficient to communicate with co-workers, customers, testify, write clear and concise reports, gather information, and collect information.
Ability to use multiple electronic devices including standard office machines, cellular phones, and security appliances.
Preferred additional qualifications:
Certified in Risk and Information Systems Control (CRISC)
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Juniper Networks Certified Expert Security (JNCIE)
Cisco Certified Architect Certification (CCAr)
Cisco Certified Internetwork Expert (CCIE)
Cisco Certified Design Expert (CCDE)
Microsoft Certified Solutions Expert (MCSE)
Microsoft Certified Solutions Master (MCSM)
VMware Certified Design Expert (VCDX)
GIAC Security Expert (GSE)
Certified Ethical Hacker (CEH)
Pre-placement physical examination, which includes a drug screen, is required. MSTS maintains a substance abuse policy that includes random drug testing.
Must have a valid driver's license.
Department of Energy Q Clearance (position will be cleared to this level). Reviews and tests for the absence of any illegal drug as defined in 10 CFR Part 707.4, Workplace Substance Abuse Programs at DOE Sites, will be conducted. Applicant selected will be subject to a Federal background investigation, and subsequent reinvestigations, and must meet the eligibility requirements for access to classified matter. Successful completion of a counterintelligence evaluation, which may include a counterintelligence-scope polygraph examination, may also be required. Reference 10 CFR Part 709, Counterintelligence Evaluation Program.
Eligibility Requirements - To obtain a clearance, an individual must be a U.S. citizen at least 18 years of age. Reference DOE Order 472.2, Personnel Security.
Please apply on-line at: https://careers-msts.icims.com/jobs/2890/sr-prin-cyber-security-analyst/job?mode=view
MSTS is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or other characteristics protected by law. MSTS is a background screening, drug-free workplace.
MSTS is a limited liability company consisting of Honeywell International Inc. (Honeywell), Jacobs Engineering Group Inc. (Jacobs), and HII Nuclear Inc.